Rx4-1500 Firmware Security Vulnerabilities and Issues — Rx4-1500 Firmware CVE List

Lucene search

JuplinkRx4-1500 Firmware

5 matches found

CVE•added 2023/08/23 10:15 p.m.•50 views

CVE-2023-41028

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.

9CVSS9AI score0.00109EPSS

CVE•added 2023/09/22 5:15 p.m.•28 views

CVE-2023-41031

Command injection in homemng.htm in Juplink RX4-1500 versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows remote authenticated attackers to execute commands via specially crafted requests to the vulnerable endpoint.

8.8CVSS8.2AI score0.00259EPSS

CVE•added 2023/09/22 5:15 p.m.•25 views

CVE-2023-41027

Credential disclosure in the '/webs/userpasswd.htm' endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.4 and V1.0.5 allows an authenticated attacker to leak the password for the administrative account via requests to the vulnerable endpoint.

8.8CVSS7.9AI score0.00083EPSS

CVE•added 2023/09/22 5:15 p.m.•25 views

CVE-2023-41029

Command injection vulnerability in the homemng.htm endpoint in Juplink RX4-1500 Wifi router firmware versions V1.0.2, V1.0.3, V1.0.4, and V1.0.5 allows authenticated remote attackers to execute commands as root via specially crafted HTTP requests to the vulnerable endpoint.

8.8CVSS8.3AI score0.00175EPSS

CVE•added 2023/09/18 7:15 p.m.•21 views

CVE-2023-41030

Hard-coded credentials in Juplink RX4-1500 versions V1.0.2 through V1.0.5 allow unauthenticated attackers to log in to the web interface or telnet service as the 'user' user.

9.8CVSS7.1AI score0.00112EPSS